Local Privilege Escalation Vulnerabilities in Cisco VPN Client
cisco-sa-20070815-vpnclient · Medium · Published · Updated
Two vulnerabilities exist in the Cisco VPN Client for Microsoft Windows that may allow unprivileged users to elevate their privileges to those of the LocalSystem account. A workaround exists for one of the two vulnerabilities disclosed in this advisory. Cisco has made free software available to address these vulnerabilities for affected customers.

This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070815-vpnclient.

Note: Releases 5.0.7.0240 (beta release) and 5.0.7.0290 (official release) of the 64-bit version of the Cisco VPN Client had a regression in the fix for the vulnerability "Local Privilege Escalation Through Default cvpnd.exe File Permissions". Release 5.0.7.0440 of the 64-bit Cisco VPN Client fixes this regression. 32-bit versions of the Cisco VPN Client did not have this regression.